Merge branch 'main' into trivy

Author: madhavilosetty-intel

.github/workflows/api-test.yml

@@ -30,7 +30,7 @@ jobs:
     #   if: failure()
     #   uses: jwalton/gh-docker-logs@v2
     - name: Upload Postman Results
-      uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+      uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
       with:
         name: rps-api
         path: /home/runner/work/mps/mps/src/test/results

.github/workflows/changelog.yml

@@ -18,7 +18,7 @@ jobs:
           fetch-depth: 0
       - run: docker run -v $PWD:/workdir quay.io/git-chglog/git-chglog:0.15.1 --next-tag $(node --eval="process.stdout.write(require('./package.json').version)") --output CHANGELOG.md  
       - name: GitHub Upload Release Artifacts
-        uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
         with:
           name: CHANGELOG.md
           path: |

.github/workflows/codeql-analysis.yml

@@ -85,7 +85,7 @@ jobs:
         template: report
         token: ${{ secrets.SECURITY_TOKEN }}
     - name: GitHub Upload Release Artifacts
-      uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+      uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
       continue-on-error: true
       with:
         name: report

.github/workflows/node.js.yml

@@ -42,7 +42,7 @@ jobs:
         if: ${{ matrix.node-version == '18.x' }}
       - run: mv junit.xml rps-unit-${{ matrix.node-version }}.xml
       - name: Upload JEST Results
-        uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
         with:
           name: rps-unit-${{ matrix.node-version }}
           path: rps-unit-${{ matrix.node-version }}.xml

.github/workflows/scorecard.yml

@@ -64,7 +64,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/semantic.yml

@@ -12,15 +12,18 @@ jobs:
         uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
         with:
           egress-policy: audit
-
+      - name: Setup Node.js 20.x
+        uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1
+        with:
+          node-version: 20.x
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           fetch-depth: 0
       - uses: wagoid/commitlint-github-action@5ce82f5d814d4010519d15f0552aec4f17a1e1fe # v5.4.5
         with:
           configFile: .github/commitlint.config.js
       - name: Install Dependencies
-        run: npm install @commitlint/config-conventional
+        run: npm install @commitlint/config-conventional@18.5
       - uses: JulienKode/pull-request-name-linter-action@8c05fb989d9f156ce61e33754f9802c9d3cffa58 # v0.5.0
         with:
-          configuration-path: ./.github/commitlint.config.js
+          configuration-path: ./.github/commitlint.config.js